_drupal_session_read
- Versions
- mediamosa-21
_drupal_session_read($sid)
Session handler assigned by session_set_save_handler().
This function will be called by PHP to retrieve the current user's session data, which is stored in the database. It also loads the current user's appropriate roles into the user object.
This function should not be called directly. Session data should instead be accessed via the $_SESSION superglobal.
Parameters
$sid Session ID.
Return value
Either an array of the session data, or an empty string, if no data was found or the user is anonymous.
Code
includes/session.inc, line 67
<?php
function _drupal_session_read($sid) {
global $user, $is_https;
// Write and Close handlers are called after destructing objects
// since PHP 5.0.5.
// Thus destructors can use sessions but session handler can't use objects.
// So we are moving session closure before destructing objects.
drupal_register_shutdown_function('session_write_close');
// Handle the case of first time visitors and clients that don't store
// cookies (eg. web crawlers).
$insecure_session_name = substr(session_name(), 1);
if (!isset($_COOKIE[session_name()]) && !isset($_COOKIE[$insecure_session_name])) {
$user = drupal_anonymous_user();
return '';
}
// Otherwise, if the session is still active, we have a record of the
// client's session in the database. If it's HTTPS then we are either have
// a HTTPS session or we are about to log in so we check the sessions table
// for an anonymous session with the non-HTTPS-only cookie.
if ($is_https) {
$user = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.ssid = :ssid", array(':ssid' => $sid))->fetchObject();
if (!$user) {
if (isset($_COOKIE[$insecure_session_name])) {
$user = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid AND s.uid = 0", array(
':sid' => $_COOKIE[$insecure_session_name]))
->fetchObject();
}
}
}
else {
$user = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid", array(':sid' => $sid))->fetchObject();
}
// We found the client's session record and they are an authenticated,
// active user.
if ($user && $user->uid > 0 && $user->status == 1) {
// This is done to unserialize the data member of $user.
$user = drupal_unpack($user);
// Add roles element to $user.
$user->roles = array();
$user->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user';
$user->roles += db_query("SELECT r.rid, r.name FROM {role} r INNER JOIN {users_roles} ur ON ur.rid = r.rid WHERE ur.uid = :uid", array(':uid' => $user->uid))->fetchAllKeyed(0, 1);
}
// We didn't find the client's record (session has expired), or they are
// blocked, or they are an anonymous user.
else {
$session = isset($user->session) ? $user->session : '';
$user = drupal_anonymous_user($session);
}
return $user->session;
}
?>MediaMosa API
Search Mediamosa 2.1
  |
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 Unported License |  |
Developer links
The current recommended MediaMosa version is 3.2.2. Release notes are available in MediaMosa Trac.